Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nKHGLXgIvA0QBRCDuUkg559IK-Y.roa
File: nKHGLXgIvA0QBRCDuUkg559IK-Y.roa (raw, json)
Hash identifier: +25eVKgTl0B0yhNGbpLXl29B4Y8/EJROOldVnFU3yco=
Subject key identifier: 9C:A1:C6:2D:78:08:BC:0D:10:05:10:83:B9:49:20:E7:9F:48:2B:E6
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01927C8D5D49801E20F59DBFDAEA388179CC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nKHGLXgIvA0QBRCDuUkg559IK-Y.roa
Signing time: Fri 11 Oct 2024 17:08:12 +0000
ROA not before: Fri 11 Oct 2024 17:08:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36530
IP address blocks: 37.202.220.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7c:8d:5d:49:80:1e:20:f5:9d:bf:da:ea:38:81:79:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 11 17:08:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca1c62d7808bc0d10051083b94920e79f482be6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7e:8d:e3:2e:6e:ae:2f:7c:91:2d:b0:76:ff:
46:93:e3:a1:44:b3:ec:43:3e:fa:f1:88:dd:31:11:
81:9e:c8:dc:f3:c5:a4:9b:0c:df:97:da:56:ef:3c:
6a:c4:03:63:d4:ca:8c:9e:0f:d3:5f:08:81:e6:bc:
56:60:fb:af:5a:45:25:00:55:64:12:99:b0:fb:c8:
bf:d5:42:1f:26:05:51:48:76:7d:0c:b9:b6:e4:a8:
dc:31:77:88:72:d2:6b:bc:5e:85:83:06:0a:83:86:
65:5b:35:2e:50:96:72:6a:32:3d:e8:1b:7f:e1:d9:
4b:bf:dc:75:84:7f:fe:82:6b:b2:91:70:2e:52:16:
a6:a2:cf:4b:52:02:74:f9:17:f4:d5:aa:aa:7b:af:
de:0e:b3:f9:91:bd:5f:84:4c:14:0e:9f:20:4d:38:
17:c1:ab:2c:0e:95:e7:4a:db:74:4a:c4:49:9e:5a:
66:b9:42:96:68:27:a4:46:9c:7f:b9:02:85:a2:e5:
cc:2b:ed:c7:c8:bd:e3:db:81:f1:ff:8b:76:e9:c5:
2e:eb:b0:cd:74:fa:2e:85:45:90:f1:96:ea:cb:be:
fc:b2:22:5b:51:0b:c5:69:77:7a:0b:fd:db:36:89:
ef:58:a1:83:e5:43:e2:3a:27:85:49:aa:a1:7d:86:
c7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A1:C6:2D:78:08:BC:0D:10:05:10:83:B9:49:20:E7:9F:48:2B:E6
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nKHGLXgIvA0QBRCDuUkg559IK-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/23
Signature Algorithm: sha256WithRSAEncryption
87:32:60:9d:d6:66:84:1e:87:fa:69:01:19:e3:23:0f:6a:e8:
92:54:84:df:43:cd:94:c0:31:af:51:91:46:00:7d:36:f8:94:
a8:4d:31:f4:02:f2:3d:59:0c:11:4e:fa:e9:a5:4a:ae:c8:ad:
9a:0c:f5:0e:00:cc:f3:c9:87:0f:06:68:8f:ba:d2:db:d7:73:
6d:97:f5:af:cb:01:8f:02:6c:95:48:2b:73:44:76:72:c4:59:
a8:b4:7d:f2:64:c5:fe:88:27:b5:c7:30:5a:7b:bb:d7:58:d2:
8c:2e:1f:7a:48:18:bd:9a:55:65:ce:c6:0b:bb:2c:97:69:0a:
8d:32:71:2a:52:8e:3e:c8:c7:97:6a:c2:1e:a8:a0:42:ee:4c:
d5:a4:04:71:7a:f3:bf:01:61:8d:fe:4b:68:31:bd:7a:ed:c5:
75:f5:aa:34:e7:4b:d3:6d:91:fb:48:a5:31:09:e0:5d:0f:d0:
21:c4:9d:39:38:7e:ab:aa:95:b7:45:a1:8a:c3:41:5e:01:cc:
2f:8e:d2:dd:cc:99:29:ac:11:99:8d:f7:57:61:f3:11:64:33:
d4:e5:08:9f:8b:61:39:dd:ad:81:10:c6:db:12:1d:4b:d5:80:
a3:bc:62:51:8b:d8:4a:0e:52:83:9c:73:60:e6:74:1c:49:b8:
8d:1b:ea:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJ8jV1JgB4g9Z2/2uo4gXnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMDExMTcwODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ExYzYyZDc4MDhiYzBkMTAwNTEwODNiOTQ5MjBlNzlmNDgyYmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr36N4y5uri98kS2wdv9Gk+OhRLPs
Qz768YjdMRGBnsjc88Wkmwzfl9pW7zxqxANj1MqMng/TXwiB5rxWYPuvWkUlAFVk
Epmw+8i/1UIfJgVRSHZ9DLm25KjcMXeIctJrvF6FgwYKg4ZlWzUuUJZyajI96Bt/
4dlLv9x1hH/+gmuykXAuUhamos9LUgJ0+Rf01aqqe6/eDrP5kb1fhEwUDp8gTTgX
wassDpXnStt0SsRJnlpmuUKWaCekRpx/uQKFouXMK+3HyL3j24Hx/4t26cUu67DN
dPouhUWQ8Zbqy778siJbUQvFaXd6C/3bNonvWKGD5UPiOieFSaqhfYbHQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyhxi14CLwNEAUQg7lJIOefSCvmMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbktIR0xYZ0l2QTBRQlJDRHVVa2c1NTlJSy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJcrcMA0G
CSqGSIb3DQEBCwUAA4IBAQCHMmCd1maEHof6aQEZ4yMPauiSVITfQ82UwDGvUZFG
AH02+JSoTTH0AvI9WQwRTvrppUquyK2aDPUOAMzzyYcPBmiPutLb13Ntl/WvywGP
AmyVSCtzRHZyxFmotH3yZMX+iCe1xzBae7vXWNKMLh96SBi9mlVlzsYLuyyXaQqN
MnEqUo4+yMeXasIeqKBC7kzVpARxevO/AWGN/ktoMb167cV19ao050vTbZH7SKUx
CeBdD9AhxJ05OH6rqpW3RaGKw0FeAcwvjtLdzJkprBGZjfdXYfMRZDPU5Qifi2E5
3a2BEMbbEh1L1YCjvGJRi9hKDlKDnHNg5nQcSbiNG+od
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:35 2025 by rpki-client